| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7d82cf5e-f60c-4295-9566-c40f6897fce7@redhat.com>
Date: Thu, 9 Oct 2025 12:30:27 +0200
From: David Hildenbrand <david@...hat.com>
To: Balbir Singh <balbirs@...dia.com>, linux-kernel@...r.kernel.org
Cc: Alexander Potapenko <glider@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Brendan Jackman <jackmanb@...gle.com>, Christoph Lameter <cl@...two.org>,
Dennis Zhou <dennis@...nel.org>, Dmitry Vyukov <dvyukov@...gle.com>,
dri-devel@...ts.freedesktop.org, intel-gfx@...ts.freedesktop.org,
iommu@...ts.linux.dev, io-uring@...r.kernel.org,
Jason Gunthorpe <jgg@...dia.com>, Jens Axboe <axboe@...nel.dk>,
Johannes Weiner <hannes@...xchg.org>, John Hubbard <jhubbard@...dia.com>,
kasan-dev@...glegroups.com, kvm@...r.kernel.org,
"Liam R. Howlett" <Liam.Howlett@...cle.com>,
Linus Torvalds <torvalds@...ux-foundation.org>, linux-arm-kernel@...s.com,
linux-arm-kernel@...ts.infradead.org, linux-crypto@...r.kernel.org,
linux-ide@...r.kernel.org, linux-kselftest@...r.kernel.org,
linux-mips@...r.kernel.org, linux-mmc@...r.kernel.org, linux-mm@...ck.org,
linux-riscv@...ts.infradead.org, linux-s390@...r.kernel.org,
linux-scsi@...r.kernel.org, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
Marco Elver <elver@...gle.com>, Marek Szyprowski <m.szyprowski@...sung.com>,
Michal Hocko <mhocko@...e.com>, Mike Rapoport <rppt@...nel.org>,
Muchun Song <muchun.song@...ux.dev>, netdev@...r.kernel.org,
Oscar Salvador <osalvador@...e.de>, Peter Xu <peterx@...hat.com>,
Robin Murphy <robin.murphy@....com>, Suren Baghdasaryan <surenb@...gle.com>,
Tejun Heo <tj@...nel.org>, virtualization@...ts.linux.dev,
Vlastimil Babka <vbabka@...e.cz>, wireguard@...ts.zx2c4.com, x86@...nel.org,
Zi Yan <ziy@...dia.com>
Subject: Re: [PATCH RFC 06/35] mm/page_alloc: reject unreasonable
folio/compound page sizes in alloc_contig_range_noprof()
On 09.10.25 12:25, Balbir Singh wrote:
> On 10/9/25 17:12, David Hildenbrand wrote:
>> On 09.10.25 06:21, Balbir Singh wrote:
>>> On 8/22/25 06:06, David Hildenbrand wrote:
>>>> Let's reject them early, which in turn makes folio_alloc_gigantic() reject
>>>> them properly.
>>>>
>>>> To avoid converting from order to nr_pages, let's just add MAX_FOLIO_ORDER
>>>> and calculate MAX_FOLIO_NR_PAGES based on that.
>>>>
>>>> Signed-off-by: David Hildenbrand <david@...hat.com>
>>>> ---
>>>> include/linux/mm.h | 6 ++++--
>>>> mm/page_alloc.c | 5 ++++-
>>>> 2 files changed, 8 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/include/linux/mm.h b/include/linux/mm.h
>>>> index 00c8a54127d37..77737cbf2216a 100644
>>>> --- a/include/linux/mm.h
>>>> +++ b/include/linux/mm.h
>>>> @@ -2055,11 +2055,13 @@ static inline long folio_nr_pages(const struct folio *folio)
>>>> /* Only hugetlbfs can allocate folios larger than MAX_ORDER */
>>>> #ifdef CONFIG_ARCH_HAS_GIGANTIC_PAGE
>>>> -#define MAX_FOLIO_NR_PAGES (1UL << PUD_ORDER)
>>>> +#define MAX_FOLIO_ORDER PUD_ORDER
>>>
>>> Do we need to check for CONTIG_ALLOC as well with CONFIG_ARCH_HAS_GIGANTIC_PAGE?
>>>
>>
>> I don't think so, can you elaborate?
>>
>
> The only way to allocate a gigantic page is to use CMA, IIRC, which is covered by CONTIG_ALLOC
As we are discussing as part of v2 right now, there is the way to just
obtain them from memblock during boot.
>
>>>> #else
>>>> -#define MAX_FOLIO_NR_PAGES MAX_ORDER_NR_PAGES
>>>> +#define MAX_FOLIO_ORDER MAX_PAGE_ORDER
>>>> #endif
>>>> +#define MAX_FOLIO_NR_PAGES (1UL << MAX_FOLIO_ORDER)
>>>> +
>>>> /*
>>>> * compound_nr() returns the number of pages in this potentially compound
>>>> * page. compound_nr() can be called on a tail page, and is defined to
>>>> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
>>>> index ca9e6b9633f79..1e6ae4c395b30 100644
>>>> --- a/mm/page_alloc.c
>>>> +++ b/mm/page_alloc.c
>>>> @@ -6833,6 +6833,7 @@ static int __alloc_contig_verify_gfp_mask(gfp_t gfp_mask, gfp_t *gfp_cc_mask)
>>>> int alloc_contig_range_noprof(unsigned long start, unsigned long end,
>>>> acr_flags_t alloc_flags, gfp_t gfp_mask)
>>>> {
>>>> + const unsigned int order = ilog2(end - start);
>>>
>>> Do we need a VM_WARN_ON(end < start)?
>>
>> I don't think so.
>>
>
> end - start being < 0, completely breaks ilog2. But we would error out because ilog2 > MAX_FOLIO_ORDER, so we should fine
Right, and if we have code that buggy that does it, it probably
shouldn't be our responsibility to sanity check that :)
It would have been completely buggy before this patch.
>
>>>
>>>> unsigned long outer_start, outer_end;
>>>> int ret = 0;
>>>> @@ -6850,6 +6851,9 @@ int alloc_contig_range_noprof(unsigned long start, unsigned long end,
>>>> PB_ISOLATE_MODE_CMA_ALLOC :
>>>> PB_ISOLATE_MODE_OTHER;
>>>> + if (WARN_ON_ONCE((gfp_mask & __GFP_COMP) && order > MAX_FOLIO_ORDER))
>>>> + return -EINVAL;
>>>> +
>>>> gfp_mask = current_gfp_context(gfp_mask);
>>>> if (__alloc_contig_verify_gfp_mask(gfp_mask, (gfp_t *)&cc.gfp_mask))
>>>> return -EINVAL;
>>>> @@ -6947,7 +6951,6 @@ int alloc_contig_range_noprof(unsigned long start, unsigned long end,
>>>> free_contig_range(end, outer_end - end);
>>>> } else if (start == outer_start && end == outer_end && is_power_of_2(end - start)) {
>>>> struct page *head = pfn_to_page(start);
>>>> - int order = ilog2(end - start);
>>>> check_new_pages(head, order);
>>>> prep_new_page(head, order, gfp_mask, 0);
>>>
>>> Acked-by: Balbir Singh <balbirs@...dia.com>
>>
>> Thanks for the review, but note that this is already upstream.
>>
>
> Sorry, this showed up in my updated mm thread and I ended up reviewing it, please ignore if it's upstream
I'm happy for any review (better in reply to v2), because any bug caught
early is good!
--
Cheers
David / dhildenb
Powered by blists - more mailing lists